PkgRadar

Package evidence

@nikolasp98/[email protected]

Webhook Exfil Endpoint: matched "ngrok-free.app"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 724
Versions published: 199
First published: Feb 2026
Publisher: nikolasp98

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Block this release in CI

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@nikolasp98/[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@nikolasp98/[email protected]"],"fail_on":"high"}'

Publisher: nikolasp98
Artifact bytes: 29,011,363
Previous version: 2026.5.17-dev
Published: 2026-06-12T16:43:52.850Z
SHA-256: 9511ea9a580026297f3dc5cbc3c2820a0a70cc08807dde592bb39a958afdaf72

Why flagged

What the scanner saw

Webhook Exfil Endpoint: matched "ngrok-free.app"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

Status: available · high
Last checked
Risk: high
Score: 220
Version: 2026.6.10-dev.20260612164123
Status history (1 event)
  1. new · available · risk high · score 220 · status changed

Evidence

Static findings

35 static · 0 from release diff · showing high-signal first.

| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| high | Webhook Exfil Endpoint | package/extensions/voice-call/index.js | matched "ngrok-free.app" | 40 |
| high | Webhook Exfil Endpoint | package/dist/store-CbIG3YUG.js | matched "api.telegram.org/bot" | 40 |
| high | Webhook Exfil Endpoint | package/dist/store-DY_f54ry.js | matched "api.telegram.org/bot" | 40 |
| high | Webhook Exfil Endpoint | package/extensions/voice-call/src/providers/twilio.test.ts | matched "ngrok.app" | 40 |
| high | Webhook Exfil Endpoint | package/extensions/voice-call/src/webhook-security.test.ts | matched "ngrok-free.app" | 40 |
| high | Webhook Exfil Endpoint | package/extensions/voice-call/src/webhook-security.ts | matched "ngrok-free.app" | 40 |
| medium | Remote Payload | package/dist/doctor-config-flow-B3_WIm-E.js | matched "api.telegram.org/bot" | 12 |
| medium | Remote Payload | package/dist/doctor-config-flow-Bizch-jR.js | matched "api.telegram.org/bot" | 12 |
| medium | Remote Payload | package/dist/store-CbIG3YUG.js | matched "api.telegram.org/bot" | 12 |
| medium | Remote Payload | package/dist/store-DY_f54ry.js | matched "api.telegram.org/bot" | 12 |
| medium | Remote Payload | package/extensions/nitter/setup/install.sh | matched "curl " | 12 |

Low-signal and informational findings:

| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| low | Credential file access | package/dist/auth-profiles-IgyYQyiM.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Messenger Bot Endpoint | package/dist/doctor-config-flow-B3_WIm-E.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5 |
| low | Messenger Bot Endpoint | package/dist/doctor-config-flow-Bizch-jR.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5 |
| low | Credential file access | package/dist/bundled/session-memory/handler.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/extensions/alert-watcher/index.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/extensions/flows/index.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/extensions/gmail-calendar/index.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/extensions/googlechat/index.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/extensions/llm-task/index.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/extensions/tlon/index.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/dist/llm-slug-generator.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/dist/model-selection-BxUO6y8B.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Credential file access | package/dist/model-selection-CfgOhaG3.js | matched "AWS_ACCESS_KEY" | 5 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/discord.js | 4341116 bytes | 0 |
| low | Large Javascript Payload | package/dist/bundled/boot-md/handler.js | 4300776 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/imessage.js | 4004936 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/index.js | 5201569 bytes | 0 |
| low | Large Javascript Payload | package/extensions/diagnostics-otel/index.js | 2343024 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/line.js | 4020156 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/signal.js | 4029286 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/slack.js | 4164495 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/telegram.js | 4229503 bytes | 0 |
| low | Large Javascript Payload | package/dist/plugin-sdk/channels/whatsapp.js | 4138525 bytes | 0 |
| low | Large Javascript Payload | package/extensions/matrix/resolve-targets-IHap2KKN.mjs | 2727455 bytes | 0 |

Manifest

Package metadata

Scripts (80)
  • android:assemble: cd apps/android && ./gradlew :app:assembleDebug
  • android:install: cd apps/android && ./gradlew :app:installDebug
  • android:run: cd apps/android && ./gradlew :app:installDebug && adb shell am start -n ai.minion.android/.MainActivity
  • android:test: cd apps/android && ./gradlew :app:testDebugUnitTest
  • baml:generate: baml-cli generate --from baml_src
  • build: pnpm baml:generate && node --import tsx scripts/embed-templates.ts && pnpm canvas:a2ui:bundle && node scripts/run-tsdown.mjs && node --import tsx scripts/canvas-a2ui-copy.ts && node --import tsx scripts/copy-hook-metadata.ts && node --import tsx scripts/copy-section-prose.ts && node --import tsx scripts/copy-export-html-templates.ts && node --import tsx scripts/write-build-info.ts && node --import tsx scripts/write-cli-compat.ts && node --import tsx scripts/generate-plugin-manifests.ts && node --import tsx scripts/build-extensions.ts && (pnpm build:plugin-sdk:dts && node --import tsx scripts/write-plugin-sdk-entry-dts.ts || echo '[build] WARN: plugin-sdk dts step failed — runtime bundles are intact, type declarations may be stale')
  • build:plugin-sdk:dts: tsc -p tsconfig.plugin-sdk.dts.json
  • canvas:a2ui:bundle: bash scripts/bundle-a2ui.sh
  • check: pnpm format:check && pnpm tsgo && pnpm lint && node --import tsx scripts/generate-plugin-manifests.ts --check
  • check:docs: pnpm format:docs:check && pnpm lint:docs && pnpm docs:check-links
  • check:loc: node --import tsx scripts/check-ts-max-loc.ts --max 500
  • dev: ./infisical-dev.sh node scripts/run-node.mjs || node scripts/run-node.mjs
  • docs:bin: node scripts/build-docs-list.mjs
  • docs:check-links: node scripts/docs-link-audit.mjs
  • docs:dev: cd docs && mint dev
  • docs:list: node scripts/docs-list.js
  • format: oxfmt --write
  • format:all: pnpm format && pnpm format:swift
  • format:check: oxfmt --check
  • format:docs: git ls-files 'docs/**/*.md' 'docs/**/*.mdx' 'README.md' | xargs oxfmt --write
  • format:docs:check: git ls-files 'docs/**/*.md' 'docs/**/*.mdx' 'README.md' | xargs oxfmt --check
  • format:swift: swiftformat --lint --config .swiftformat apps/macos/Sources apps/ios/Sources apps/shared/OpenClawKit/Sources
  • gateway:dev: MINION_SKIP_CHANNELS=1 MINIONBOT_SKIP_CHANNELS=1 node scripts/run-node.mjs --dev gateway
  • gateway:dev:reset: MINION_SKIP_CHANNELS=1 MINIONBOT_SKIP_CHANNELS=1 node scripts/run-node.mjs --dev gateway --reset
  • gateway:watch: node scripts/watch-node.mjs gateway --force
  • generate:tools: node --import tsx scripts/generate-tool-registry.ts
  • ios:build: bash -lc 'cd apps/ios && xcodegen generate && xcodebuild -project Minion.xcodeproj -scheme Minion -destination "${IOS_DEST:-platform=iOS Simulator,name=iPhone 17}" -configuration Debug build'
  • ios:gen: cd apps/ios && xcodegen generate
  • ios:open: cd apps/ios && xcodegen generate && open Minion.xcodeproj
  • ios:run: bash -lc 'cd apps/ios && xcodegen generate && xcodebuild -project Minion.xcodeproj -scheme Minion -destination "${IOS_DEST:-platform=iOS Simulator,name=iPhone 17}" -configuration Debug build && xcrun simctl boot "${IOS_SIM:-iPhone 17}" || true && xcrun simctl launch booted ai.minion.ios'
  • …and 50 more.
Dependencies (70)
  • @agentclientprotocol/sdk 0.14.1
  • @aws-sdk/client-bedrock ^3.1053.0
  • @buape/carbon 0.14.0
  • @clack/prompts ^1.0.1
  • @earendil-works/pi-agent-core 0.75.5
  • @earendil-works/pi-ai 0.75.5
  • @earendil-works/pi-coding-agent 0.75.5
  • @earendil-works/pi-tui 0.75.5
  • @grammyjs/runner ^2.0.3
  • @grammyjs/transformer-throttler ^1.2.1
  • @homebridge/ciao ^1.3.5
  • @larksuiteoapi/node-sdk ^1.59.0
  • @libsql/client 0.17.3
  • @line/bot-sdk ^10.6.0
  • @lydell/node-pty 1.2.0-beta.3
  • @minion-stack/drone ^0.2.0
  • @minion-stack/shared ^0.6.0
  • @mozilla/readability ^0.6.0
  • @sentry/node 10.53.1
  • @sinclair/typebox 0.34.48
  • @slack/bolt ^4.7.2
  • @slack/web-api ^7.16.0
  • @whiskeysockets/baileys 7.0.0-rc11
  • ajv ^8.20.0
  • better-sqlite3 ^12.10.0
  • chalk ^5.6.2
  • chokidar ^5.0.0
  • cli-highlight ^2.1.11
  • commander ^14.0.3
  • comment-json ^4.6.2
  • …and 40 more.
Optional dependencies (1)
  • ioredis ^5.4.1